Stop us if you’ve heard this one. Federal prosecutors no longer need Apple’s assistance in unlocking an iPhone in a Brooklyn drug case, as investigators have found a way to do so themselves. It’s the second major case recently where the government has attempted to demand Apple’s help but, before a judge granted the government’s request, the Justice Department managed to unlock the iPhone in question. . . .

New standards are needed to plug security and privacy gaps in our cars and trucks, according to a report released today by Senator Edward J. Markey (D-Mass.). The report, called Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk and first reported on by CBS News’ 60 Minutes, reveals how sixteen major automobile manufacturers responded to questions from Senator Markey in 2014 about how vehicles may be vulnerable to hackers, and how driver information is collected and protected. . . .

[T]he IRS on Tuesday announced that hackers recently attempted to use some 464,000 stolen Social Security numbers and an automated bot to generate E-file PINs, which can be used to electronically file a tax return. The incident occurred last month, and the hackers were able to successfully access an E-file PIN with 101,000 of the SSNs.

* * *

Last year, Turbo Tax temporarily halted e-filing for state returns across the U.S. after it found ‘an increase in suspicious filings and attempts by criminals to use stolen identity information to file fraudulent state tax returns and claim tax refunds.’

Plaintiffs, Neiman Marcus cardholders, brought a class action against the store for damages caused by a 2013 data breach. Hackers accessed customers’ credit and debit cards, as well as other personal information. The Northern District of Illinois, Eastern Division, ruled that the individual Plaintiffs and the class action against Neiman Marcus lacked standing under Article III of the Constitution.

Plaintiffs appealed to the United States Court of Appeals for the Seventh Circuit. The link takes you to the Seventh Circuit’s opinion explaining how Plaintiffs prevailed and why it reversed and remanded the case. Neiman Marcus filed for rehearing. The Seventh Circuit followed its usual habit, and denied it.

Another day, another hack. Yesterday brought news that four million current and former government employees may have had their personal information stolen by Chinese hackers.

Of course, this comes on the heels of what has been a staggering 18 months of hacks. Starting with the Home Depot and Target hacks, we’ve been barraged with story after story about major companies and retailers being hacked for their customers’ data. It’s not just big companies and big-box retailers, though. Law firms are increasingly the target of hackers, due to a combination of factors including relatively lax security and large quantities of organized, valuable information. . . .

There’s nothing you can do if hackers get into a database with your password in it, but you can still protect yourself for all the other worst-case scenarios involving hacking. In this video, we go over ways to make your passwords harder to crack. [Video found at PCWorld link.-CCE]

First, don’t make it easy on hackers by choosing a common password. Splashdata uses security breaches to gather ‘most popular passwords’ lists each year. The word ‘password’, number sequences, and other simplistic phrases or numbers fill the top spots. Also, don’t use your name, a password related to another one you might have on a different site, or a login name.

We have heard of other hacks on that stole information from credit/debit cards and other financial and personal data. This is far more serious. It was first discovered in July, and the investigation is ongoing. Initial reports of the damage and who caused it have changed as the investigation progresses. -CCE

‘The huge cyberattack on JPMorgan Chase that touched more than 83 million households and businesses was one of the most serious computer intrusions into an American corporation. But it could have been much worse. Questions over who the hackers are and the approach of their attack concern government and industry officials. Also troubling is that about nine other financial institutions — a number that has not been previously reported — were also infiltrated by the same group of overseas hackers, according to people briefed on the matter. The hackers are thought to be operating from Russia and appear to have at least loose connections with officials of the Russian government, the people briefed on the matter said. It is unclear whether the other intrusions, at banks and brokerage firms, were as deep as the one that JPMorgan disclosed on Thursday. The identities of the other institutions could not be immediately learned. The breadth of the attacks — and the lack of clarity about whether it was an effort to steal from accounts or to demonstrate that the hackers could penetrate even the best-protected American financial institutions — has left Washington intelligence officials and policy makers far more concerned than they have let on publicly. Some American officials speculate that the breach was intended to send a message to Wall Street and the United States about the vulnerability of the digital network of one of the world’s most important banking institutions.’ . . .

Despite the fact that every major Internet provider has added some kind of encryption to its services over the past year, tracking your online traffic is easier than you think.

And you don’t have to be the target of the hacker or the NSA for your traffic to be intercepted. There is a hole in mobile security that could make tens of millions of Americans vulnerable.

Unsecure Wi-Fi networks have been a well-known vulnerability in the tech industry for years. They can let even the most unsophisticated hacker capture your traffic and possibly steal your identity. . . .

The Chinese army knows this vulnerability and attacks American employees every day to steal trade secrets and gain commercial advantage for Chinese businesses.

Criminal hackers can cause tremendous damage, whether trained in China or not. If a high level expert, such as any member of China’s elite Unit 61398, aka Comment Crew, gets into your system, they can seize root control, and own it. They can then plant virtually undetectable back doors into your systems. This allows them to later come and go as they please. . . .

Heartbleed: The Complete Rundown, by PCMag Staffhttp://tinyurl.com/muscrx5 The Heartbeat Bug was THE news this week. Knowing that it is here, and cannot be avoided is one thing. Knowing about to do about it is critical. Change your passwords, especially to to online banking, e-mail, apps, and other things we’ve taken for granted. -CCE

The Heartbleed bug is the big news in tech this week, an exploit that has been in the wild since 2012 and has left countless Internet users open to scammers. PCMag and the SecurityWatch team have been keeping tabs on all the news, so check out our coverage below, and check back for updates. . . .

The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper’s credit card number, and store it on a Target server commandeered by the hackers.

It’s a measure of how common these crimes have become, and how conventional the hackers’ approach in this case, that Target was prepared for such an attack. . . .